Lucene search
+L

74 matches found

fedora
fedora
added 4 days ago6 views

[SECURITY] Fedora 44 Update: log4cxx-1.7.0-2.fc44

Log4cxx is a popular logging package written in C++. One of its distinctive features is the notion of inheritance in loggers. Using a logger hierarchy it is possible to control which log statements are output at arbitrary granularity. This helps reduce the volume of logged output and minimize the...

6.3CVSS6.2AI score0.00499EPSS
Exploits0
osv
osv
added 2026/06/17 6:43 a.m.6 views

MGASA-2026-0218 Updated log4cxx packages fix security vulnerability

CVE-2026-40023, Apache Log4cxx, Apache Log4cxx Conan, Apache Log4cxx Brew: Silent log event loss in XMLLayout due to unescaped XML 1.0 forbidden characters...

6.3CVSS5.3AI score0.00499EPSS
Exploits0References4
mageia
mageia
added 2026/06/17 6:43 a.m.9 views

Updated log4cxx packages fix security vulnerability

CVE-2026-40023, Apache Log4cxx, Apache Log4cxx Conan, Apache Log4cxx Brew: Silent log event loss in XMLLayout due to unescaped XML 1.0 forbidden characters...

6.3CVSS5.3AI score0.00499EPSS
Exploits0References3
osv
osv
added 2026/06/05 12:5 a.m.16 views

OSV-2026-853 Stack-buffer-overflow in log4cxx::helpers::Transcoder::decode

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519671967 Crash type: Stack-buffer-overflow READ 1 Crash state: log4cxx::helpers::Transcoder::decode TranscoderFuzzer.cpp CentipedeRunnerMain...

5.4AI score
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.10 views

PT-2026-49158

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519671967 Crash type: Stack-buffer-overflow READ 1 Crash state: log4cxx::helpers::Transcoder::decode TranscoderFuzzer.cpp CentipedeRunnerMain...

5.2AI score
Exploits0References2
nessus
nessus
added 2026/05/10 12:0 a.m.8 views

openSUSE 16 Security Update : log4cxx (openSUSE-SU-2026:20705-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20705-1 advisory. Changes in log4cxx: - update to 1.7.0 bsc1261994, CVE-2026-40023: Non-ascii characters incorrectly encoded in JSON output 615 XML output could contain...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References3
osv
osv
added 2026/05/07 10:19 a.m.4 views

OPENSUSE-SU-2026:20705-1 Security update for log4cxx

This update for log4cxx fixes the following issues: Changes in log4cxx: - update to 1.7.0 bsc1261994, CVE-2026-40023: Non-ascii characters incorrectly encoded in JSON output 615 XML output could contain characters not allowed by the XML 1.0 specification An XML configuration file with recursive...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References2
opensuse
opensuse
added 2026/04/17 12:0 a.m.12 views

liblog4cxx-devel-1.7.0-2.1 on GA media (moderate)

liblog4cxx-devel-1.7.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10566-1 Rating: moderate Cross-References: CVE-2026-40023 CVSS scores: CVE-2026-40023 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2026-40023 SUSE : 6.3...

6.3CVSS5.8AI score0.00499EPSS
Exploits0
redhatcve
redhatcve
added 2026/04/13 5:23 p.m.5 views

CVE-2026-40023

A flaw was found in Apache Log4cxx. An attacker who can influence logged data can exploit this by injecting characters forbidden by the XML 1.0 specification a standard for encoding documents into log messages, Network Device Configuration NDC, and Mapped Diagnostic Context MDC property keys and...

6.3CVSS5.7AI score0.00499EPSS
Exploits0References8
nessus
nessus
added 2026/04/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-40023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters...

6.3CVSS6AI score0.00499EPSS
Exploits0References3
euvd
euvd
added 2026/04/10 6:31 p.m.8 views

EUVD-2026-21490

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References7
nvd
nvd
added 2026/04/10 4:16 p.m.3 views

CVE-2026-40023

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

6.3CVSS0.00499EPSS
Exploits0References6
osv
osv
added 2026/04/10 4:16 p.m.4 views

DEBIAN-CVE-2026-40023

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

5.3CVSS5.3AI score0.00499EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/04/10 4:16 p.m.4 views

CVE-2026-40023

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References7
osv
osv
added 2026/04/10 4:16 p.m.8 views

UBUNTU-CVE-2026-40023

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References8
attackerkb
attackerkb
added 2026/04/10 3:45 p.m.2 views

CVE-2026-40023

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/04/10 3:45 p.m.5 views

CVE-2026-40023 Apache Log4cxx, Apache Log4cxx (Conan), Apache Log4cxx (Brew): Silent log event loss in XMLLayout due to unescaped XML 1.0 forbidden characters

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References5
debiancve
debiancve
added 2026/04/10 3:45 p.m.3 views

CVE-2026-40023

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

6.3CVSS5.3AI score0.00499EPSS
Exploits0
cve
cve
added 2026/04/10 3:45 p.m.18 views

CVE-2026-40023

CVE-2026-40023 concerns Apache Log4cxx XMLLayout (pre-1.7.0) that fails to sanitize XML 1.0 forbidden characters in log messages, NDC, and MDC keys/values, producing invalid XML. Conforming parsers may reject such documents, potentially dropping or failing to index affected records and impairing ...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References6Affected Software1
cnnvd
cnnvd
added 2026/04/10 12:0 a.m.9 views

Apache Log4cxx 安全漏洞

Apache Log4cxx is a C++ logging framework developed by the Apache Foundation, based on the Apache log4j framework. Versions of Apache Log4cxx prior to 1.7.0 contained security vulnerabilities. These vulnerabilities stemmed from XMLLayout not clearing characters prohibited by the XML 1.0...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References6
Rows per page
Query Builder